Backport proposed fix for CVE-2025-31344 from OpenMandriva. Install gif_getarg.h header.
Comment
Archive for Fedora Linux Distribution – Security Advisories
2363 results.
Fix CVE-2024-56406
New jupyterlab and notebook
rpki-client 9.5 rpki-client now includes arin.tal which is no longer legally encumbered. See https://www.arin.net/announcements/20250116-tal/ rpki-client reports Certification Authorities that do not meaningfully participate in the RPKI as non-functional CAs. By definition, a CA is non-
Limit the data stored in session state. Remove the empty area below the title bar in Web Inspector when not docked. Fix various crashes and rendering issues
Update the openssl crate to version 0.10.72. Update the openssl-sys crate to version 0.9.107. This update addresses CVE-2025-3416 / RUSTSEC-2025-0022 (a possible use-after- free issue in two public functions). A survey of dependent packages in Fedora shows that none of them use the affected API, or do not use them in a way that
MySQL 8.0.41 Reease notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-41.html
Unretireing the package.
This release fixes CVE-2024-13939 (leaking the length of a secret string)
Update the openssl crate to version 0.10.72. Update the openssl-sys crate to version 0.9.107. This update addresses CVE-2025-3416 / RUSTSEC-2025-0022 (a possible use-after- free issue in two public functions). A survey of dependent packages in Fedora shows that none of them use the affected API, or do not use them in a way that
See https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-0-is-out/
Version 6.9.1 (2025-04-03) Fixed Path Traversal security vulnerability reported by Positive Technologies. Version 6.9.0 (2025-03-30) Added PHP 8.4 testing. Removed tcpdf_import.php and tcpdf_parser.php files (for a parser check the tc-
This releases preserves enablement state of dnf-automatic.timer when upgrading to Fedora 41.
MariaDB 10.11.11 Release notes: https://mariadb.com/kb/en/mariadb-10-11-11-release-notes/
Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation
Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation
Update to 6.0.39 (CVE-2024-45700, CVE-2024-36469, CVE-2024-42325, CVE-2024-45699)
Update to 1.34.5. Fixes CVE-2025-31498.
Update to upstream OpenVPN 2.6.14 Fixes CVE-2025-2704
Update to 7.2.5 (CVE-2024-36469, CVE-2024-42325, CVE-2024-45700)
Update to 135.0.7049.52 High CVE-2025-3066: Use after free in Navigations Medium CVE-2025-3067: Inappropriate implementation in Custom Tabs Medium CVE-2025-3068: Inappropriate implementation in Intents Medium CVE-2025-3069: Inappropriate implementation in Extensions
Limit the data stored in session state. Remove the empty area below the title bar in Web Inspector when not docked. Fix various crashes and rendering issues
CVE-2025-27835 ghostscript: Buffer overflow when converting glyphs to unicode (fedora#2355025) CVE-2025-27834 ghostscript: Buffer overflow caused by an oversized Type 4 function in a PDF (fedora#2355023) CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow
MariaDB 10.11.11 Release notes: https://mariadb.com/kb/en/mariadb-10-11-11-release-notes/
CVE-2025-2588
Update to 128.9.0 https://www.thunderbird.net/en-US/thunderbird/128.9.0esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2025-24/
Backport fixes from v1.127.1
Resolve FTBFS Resolves: rhbz#2352149 Adopt trivy for license detection to be consistent with cri- tools[1.29..1.32]
Resolve FTBFS and rhbz#2351926
5.0.0